Hack and / - Your Own Personal Server: DNS

Why let registrars have all the fun? Learn how to set up your own DNS server completely under your own control.

Slave DNS Configuration

Many registrars on the Internet require that any domain you register have
at least two DNS servers configured with it. It's a good practice to have,
because if you have a single DNS server and it goes down, it effectively
will make all your servers under that domain inaccessible. This means you
need to set up a second DNS server on a different IP, ideally on a different
network, or have a friend with a DNS server act as a slave to your master
DNS server. In either case, it's a relatively simple process. Let's say that
my second DNS server is going to be at the IP address 98.76.54.32. First, I
would log in to my Master DNS server and add the new NS and A records to my
zone file:

Finally, I would install BIND on the second server, or if it already
exists, all I would have to do is add a new entry at the end of the
named.conf file to define the example.org zone and tell this server the IP
address of the master:

Note that in this case the slave zone is being stored under
/var/cache/bind. That's the default location for slave zone files under
Debian-based systems. Under Red Hat, you would store them under
/var/named/. Once I reload BIND on the slave server, it will pull the new
zone information from the master, and I should be able to perform DNS
queries against it.

Once you have set up a slave, keep in mind that anytime you make a change
to the master, you will need to increment the Serial field in the Master's
zone file (in my example, it is set to 2, but a lot of administrators like to
set it to the current date plus two extra number fields, such as
2010120500). When the slave needs to know whether its zone information is
up to date, it compares its serial number with the serial number on the
master. If the master's serial number for a zone is higher, it copies down
the new zone information; otherwise, it sticks with what it has cached.
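
As an added example (not code from the original article), the Python below automates the serial bump described above using the date-plus-two-digits convention, and applies the same "is the master's serial higher" test the slave performs. The sample zone text and the admin.example.org contact are constructed for illustration; the function names are hypothetical.

```python
import re
from datetime import date

# Constructed sample zone; the serial of 2 matches the article's example value.
SAMPLE_ZONE = """\
$TTL 86400
@   IN  SOA ns1.example.org. admin.example.org. (
            2        ; Serial
            604800   ; Refresh
            86400    ; Retry
            2419200  ; Expire
            86400 )  ; Negative cache TTL
@   IN  NS  ns1.example.org.
"""

# First number after the SOA record's opening parenthesis is the serial.
SOA_SERIAL = re.compile(r"(\bSOA\b[^()]*\(\s*)(\d+)", re.IGNORECASE)
MAX_SERIAL = 2**32 - 1  # the SOA serial is an unsigned 32-bit field


def next_serial(current: int, today: date) -> int:
    """Next serial in YYYYMMDDnn form, always higher than `current`."""
    base = int(today.strftime("%Y%m%d")) * 100  # today's date with nn = 00
    # First change today: jump to today's base. Otherwise (already changed
    # today, or the serial is ahead of the calendar) just add one.
    new = base if current < base else current + 1
    if new > MAX_SERIAL:
        raise ValueError("serial would overflow 32 bits")
    return new


def bump_zone_serial(zone_text: str, today: date) -> tuple[str, int, int]:
    """Rewrite the SOA serial; return (new_text, old_serial, new_serial)."""
    match = SOA_SERIAL.search(zone_text)
    if match is None:
        raise ValueError("no SOA serial found")
    old = int(match.group(2))
    new = next_serial(old, today)
    new_text = zone_text[:match.start(2)] + str(new) + zone_text[match.end(2):]
    return new_text, old, new


def slave_would_transfer(master_serial: int, slave_serial: int) -> bool:
    """The check described above: pull only if the master's serial is higher."""
    return master_serial > slave_serial


if __name__ == "__main__":
    text, old, new = bump_zone_serial(SAMPLE_ZONE, date(2010, 12, 5))
    print(old, "->", new, "transfer:", slave_would_transfer(new, old))
```

Forgetting the bump means the slave keeps serving the old records, so running a step like this before every reload of the master keeps the two servers from silently diverging.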

Domain Registration

Once you have a functioning DNS server, all that's left is to tell the
world to use it. If you haven't already registered your domain with a
registrar, find a domain registration service on the Internet (there are too
many for me to list here, but a search for domain name registration should
turn up plenty). When you register the domain, most registrars will let you
use their own DNS servers for your domain, but you don't need them! When you
get to the point in the registration process where it asks you about your
DNS servers, just give them the public IP address for your own DNS server
(in my case, it would be ns1.example.org or 123.12.34.56). Note that many
registrars require you to have two DNS servers defined for a domain, so in
that case, set up a slave DNS server and add its IP address as well. Once
you complete the registration process and allow the new domain information
time to propagate around the Internet, you will have the ability to make IP
changes for your Web, mail and other servers all from your own machines.

Kyle Rankin is a Systems Architect in the San Francisco Bay Area and the
author of a number of books, including The Official Ubuntu Server Book,
Knoppix Hacks and Ubuntu Hacks. He is currently the president of the North
Bay Linux Users' Group.

Kyle Rankin is Chief Security Officer at Purism, a company focused on computers that respect your privacy, security, and freedom. He is the author of
many books including Linux Hardening in Hostile Networks, DevOps Troubleshooting and The Official Ubuntu